Hackers Release Exploit Code: Industry Poised for Attack

“I wouldn’t be surprised if we see a worm sooner rather than later…” A hacker group has released code designed to exploit a widespread Windows flaw, paving the way for a major worm attack which researchers warn could strike any time soon. The warning came Friday, after hackers from the Chinese X Focus security group forwarded source code to several public security lists. The code is for a program designed to allow an intruder to enter Windows computers. The X Focus program takes advantage of a hole in the Microsoft operating system that lets attackers break in remotely. The flaw has been characterized by some security experts as the most widespread ever found in Windows. Marc Maiffret, chief hacking officer for network protection firm eEye Digital Security, said: “An exploit like this is very easy to turn into a worm. I wouldn’t be surprised if we see a worm sooner rather than later.” While many security researchers believe the publication of such information can encourage security personnel in businesses to patch holes faster, the release of exploit code has typically preceded the largest worm attacks of the past few years. Full Story

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.